Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request: eZ Publish: unspecified vulnerability
From: Luc ABRIC <luc.abric () oppida fr>
Date: Thu, 15 Mar 2012 08:59:56 +0000

Hi,

We identified 2 critical vulnerabilities affecting the eZ Publish application in both commercial and community edition.

eZ Systems Enterprise just opened the following issue regarding the most critical vulnerability:
http://issues.ez.no/19238
The 2nd issue will lead to another item in the bugtracker as soon as its confirmed by eZ.

Is it enough to request a CVE ID, at least for the first issue?

We're waiting for the editor to roll out a fix before releasing more details (including our exploit).

Regards,
Luc ABRIC.

IT Security Expert at Oppida

6 avenue du Vieil Etang - B√Ętiment B
78180 Montigny-le-Bretonneux
Phone: +33 (0)1 30 14 19 00
Fax: +33 (0)1 30 14 19 09
Mobile: +33 (0)6 26 87 62 14
Mail: luc.abric () oppida fr

Website: www.oppida.fr




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]